embed v1.3R1

Warning: this is experimental software. Use at your own risk!

Files you need:
   dvdelf_orig.bin  - the unchanged encrypted dvdelf from your bios
   output.elf       - decrypted dvdelf without header saved by HDProjectX
   bittable.bin     - magicgate header of the decrypted dvdelf saved by HDProjectX
   mcid.bin         - optional 32 byte signature file for the above dvdelf.
                      Remember that this signature works on one memcard only.

Check the file sizes! The size of dvdelf_orig.bin must equal to the size of
output.elf plus the size of bittable.bin!

To build your osd replacement do the following:

1. Join the bittable.bin and the output.elf into one file. Of course you can skip
   this step if you already have a decrypted dvdelf with header.
   On windoze issue this command:

   > copy /B bittable.bin+output.elf dvdelf_decr.bin


2. Inject your choosen boot elf into the dvdelf and save the result as dvdelf_hack.bin:

   > embed dvdelf_decr.bin BOOT.ELF -o dvdelf_hack.bin

   (Beware: If you don't specify -o the file will be saved as output.elf!)


3. Build the osd file from the original and the hacked one. If you have a
   signature file you can use that as third parameter to automatically
   include the sig in the result.

   > build dvdelf_orig.bin dvdelf_hack.bin
   or
   > build dvdelf_orig.bin dvdelf_hack.bin mcid.bin


4. Rename the file if your bios looks for a different name than osdmain.elf.
   Then copy the file to the approppriate EXEC folder on your MC and test it. :)


Other methods:

   You can now leave out the boot ELF completely and inject only a launcher of
   your choice:

   To include only the default launcher (not recommended as it needs an embedded
   boot ELF):
   > embed dvdelf_decr.bin

   To include a launcher that loads mc:/BOOT/BOOT.ELF from the memcard you booted
   from:
   > embed -l launcher2_mcload\launcher2.elf dvdelf_decr.bin

   You can include other launchers as well, for example ffgriever's RUNME.ELF:
   > embed -l RUNME.ELF dvdelf_decr.bin


Note1: To see more options of the embedding tool issue 'embed' without parameters.
Note2: Don't look at the sources if you don't want a headache. :) Otherwise you are
       free to do whatever you want with them.
Note3: The newer slim consoles contain dvdelfs in several regions that are only 75k
       big. If you can find one mathing your region you can use that as osdmain.elf! :)

Changes:
   v1.3R1: - a better & simpler algorithm for finding the unencrypted regions
             for embedding has been implemented (thx to l_oliveira for the
             bug report).
           - removed the -b option - it gets used automatically if the normal
             method fails.
   v1.3: - Specifying a boot ELF is now optional.
         - Support for slim dvdelfs with the -b option that tries to inject
           the launcher before the insert entry point.
         - A new launcher that loads mc:/BOOT/BOOT.ELF from the same mc that
           was used for booting, now included.
         - ffgriever's new init IRX module is included in the launchers, but
           no source code for now.
         - The 'compare' tool that verified the embedding is now part of the
           embedding procedure.
         - The 'merge' tool has been renamed to 'build'.
   v1.2R1: bugfix in finding the start of packed content
   v1.2: bugfix in determining the correct argument address, and the ability
         to automatically insert the signature into the osdmain.elf.
   v1.1: proper agrument handling
   v1.0: initial release

Known bugs:
   - When disc control is turned on in uLaunchELF while no disc is inserted,
     accessing one of the memcard slots causes the console to freeze.
     It has probably something to do with the cdvdinit stuff in launcher2.


Have fun. :)

Neme

